Wing FTP Server Remote Code Execution (CVE-2025-47812) Exploited in the Wild
Summary
TL;DR: Huntress saw active exploitation of Wing FTP Server remote code execution (CVE-2025-47812) on a customer on July 1, 2025. Organizations running Wing FTP Server should update to the fixe …
Read more
Published Date:
Jul 10, 2025 (14 hours, 11 minutes ago)
Vulnerabilities has been mentioned in this article.
Hackers Exploiting GeoServer RCE Vulnerability to Deploy CoinMiner
A critical remote code execution vulnerability in GeoServer has become a prime target for cybercriminals deploying cryptocurrency mining malware across global networks.
The vulnerability, designated C …
Read more
Published Date:
Jul 10, 2025 (5 hours, 14 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2024-36401
Critical Ruckus Wireless Vulnerabilities Exposes Enterprise Wireless Networks
Multiple critical vulnerabilities have been discovered in Ruckus Wireless management products, specifically Virtual SmartZone (vSZ) and Network Director (RND), potentially allowing complete compromise …
Read more
Published Date:
Jul 10, 2025 (4 hours, 55 minutes ago)
Vulnerabilities has been mentioned in this article.
GitLab Vulnerabilities Let Attackers Execute Actions by Injecting Malicious Content
GitLab has released critical security patches across multiple versions to address several high-severity vulnerabilities that could allow attackers to execute unauthorized actions through malicious con …
Read more
Published Date:
Jul 10, 2025 (4 hours, 52 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-6948
CVE-2025-6168
CVE-2025-4972
CVE-2025-3396
CVE-2024-12084
CVE-2024-12088
Critical Linux Kernel’ Double Free Vulnerability Let Attackers Escalate Privileges
A severe double-free vulnerability has been discovered in the Linux kernel’s NFT (netfilter) subsystem, specifically within the pipapo set module.
This critical security flaw allows unprivileged attac …
Read more
Published Date:
Jul 10, 2025 (4 hours, 42 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2023-4004
ServiceNow Platform Vulnerability Let Attackers Exfiltrate Sensitive Data
A significant vulnerability in ServiceNow’s platform, designated CVE-2025-3648 and dubbed “Count(er) Strike,” enables attackers to exfiltrate sensitive data, including PII, credentials, and financial …
Read more
Published Date:
Jul 10, 2025 (3 hours, 19 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-3648
PerfektBlue Bluetooth flaws impact Mercedes, Volkswagen, Skoda cars
Four vulnerabilities dubbed PerfektBlue and affecting the BlueSDK Bluetooth stack from OpenSynergy can be exploited to achieve remote code execution and potentially allow access to critical elements i …
Read more
Published Date:
Jul 10, 2025 (3 hours, 9 minutes ago)
Vulnerabilities has been mentioned in this article.
Palo Alto Networks GlobalProtect Vulnerability Allows Root User Privilege Escalation
Palo Alto Networks has disclosed a critical security vulnerability in its GlobalProtect VPN application that enables locally authenticated users to escalate their privileges to root access on macOS an …
Read more
Published Date:
Jul 10, 2025 (2 hours, 41 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-0141
CVE-2025-3648
There are many different types of vulnerabilities that can occur when setting up CORS for your web application, and insecure…
Asteroid Shooter is a local 2-player spaceship asteroid survival game. Each game round lasts 120 seconds. The post Asteroid Shooter…
Meet Anubis, the self-hosted firewall that’s stopping AI bots in their tracks. Source: Latest newsÂ
Version 1.1 of NativePHP drops Monday, July 14, and it isn’t just a collection of fixes. It’s a foundational upgrade…
The threat actor known as Blind Eagle has been attributed with high confidence to the use of the Russian bulletproof…
The rapid growth of generative AI technology has been a catalyst for business productivity growth, creating new opportunities for greater…
CVE ID : CVE-2025-38337
Published : July 10, 2025, 9:15 a.m. | 4 hours, 51 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata()
Since handle->h_transaction may be a NULL pointer, so we should change it
to call is_handle_aborted(handle) first before dereferencing it.
And the following data-race was reported in my fuzzer:
==================================================================
BUG: KCSAN: data-race in jbd2_journal_dirty_metadata / jbd2_journal_dirty_metadata
write to 0xffff888011024104 of 4 bytes by task 10881 on cpu 1:
jbd2_journal_dirty_metadata+0x2a5/0x770 fs/jbd2/transaction.c:1556
__ext4_handle_dirty_metadata+0xe7/0x4b0 fs/ext4/ext4_jbd2.c:358
ext4_do_update_inode fs/ext4/inode.c:5220 [inline]
ext4_mark_iloc_dirty+0x32c/0xd50 fs/ext4/inode.c:5869
__ext4_mark_inode_dirty+0xe1/0x450 fs/ext4/inode.c:6074
ext4_dirty_inode+0x98/0xc0 fs/ext4/inode.c:6103
….
read to 0xffff888011024104 of 4 bytes by task 10880 on cpu 0:
jbd2_journal_dirty_metadata+0xf2/0x770 fs/jbd2/transaction.c:1512
__ext4_handle_dirty_metadata+0xe7/0x4b0 fs/ext4/ext4_jbd2.c:358
ext4_do_update_inode fs/ext4/inode.c:5220 [inline]
ext4_mark_iloc_dirty+0x32c/0xd50 fs/ext4/inode.c:5869
__ext4_mark_inode_dirty+0xe1/0x450 fs/ext4/inode.c:6074
ext4_dirty_inode+0x98/0xc0 fs/ext4/inode.c:6103
….
value changed: 0x00000000 -> 0x00000001
==================================================================
This issue is caused by missing data-race annotation for jh->b_modified.
Therefore, the missing annotation needs to be added.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-38336
Published : July 10, 2025, 9:15 a.m. | 4 hours, 51 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330
The controller has a hardware bug that can hard hang the system when
doing ATAPI DMAs without any trace of what happened. Depending on the
device attached, it can also prevent the system from booting.
In this case, the system hangs when reading the ATIP from optical media
with cdrecord -vvv -atip on an _NEC DVD_RW ND-4571A 1-01 and an
Optiarc DVD RW AD-7200A 1.06 attached to an ASRock 990FX Extreme 4,
running at UDMA/33.
The issue can be reproduced by running the same command with a cygwin
build of cdrecord on WinXP, although it requires more attempts to cause
it. The hang in that case is also resolved by forcing PIO. It doesn’t
appear that VIA has produced any drivers for that OS, thus no known
workaround exists.
HDDs attached to the controller do not suffer from any DMA issues.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-38335
Published : July 10, 2025, 9:15 a.m. | 4 hours, 51 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
Input: gpio-keys – fix a sleep while atomic with PREEMPT_RT
When enabling PREEMPT_RT, the gpio_keys_irq_timer() callback runs in
hard irq context, but the input_event() takes a spin_lock, which isn’t
allowed there as it is converted to a rt_spin_lock().
[ 4054.289999] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48
[ 4054.290028] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 0, name: swapper/0
…
[ 4054.290195] __might_resched+0x13c/0x1f4
[ 4054.290209] rt_spin_lock+0x54/0x11c
[ 4054.290219] input_event+0x48/0x80
[ 4054.290230] gpio_keys_irq_timer+0x4c/0x78
[ 4054.290243] __hrtimer_run_queues+0x1a4/0x438
[ 4054.290257] hrtimer_interrupt+0xe4/0x240
[ 4054.290269] arch_timer_handler_phys+0x2c/0x44
[ 4054.290283] handle_percpu_devid_irq+0x8c/0x14c
[ 4054.290297] handle_irq_desc+0x40/0x58
[ 4054.290307] generic_handle_domain_irq+0x1c/0x28
[ 4054.290316] gic_handle_irq+0x44/0xcc
Considering the gpio_keys_irq_isr() can run in any context, e.g. it can
be threaded, it seems there’s no point in requesting the timer isr to
run in hard irq context.
Relax the hrtimer not to use the hard context.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-38338
Published : July 10, 2025, 9:15 a.m. | 4 hours, 51 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio()
Sometimes, when a file was read while it was being truncated by
another NFS client, the kernel could deadlock because folio_unlock()
was called twice, and the second call would XOR back the `PG_locked`
flag.
Most of the time (depending on the timing of the truncation), nobody
notices the problem because folio_unlock() gets called three times,
which flips `PG_locked` back off:
1. vfs_read, nfs_read_folio, … nfs_read_add_folio,
nfs_return_empty_folio
2. vfs_read, nfs_read_folio, … netfs_read_collection,
netfs_unlock_abandoned_read_pages
3. vfs_read, … nfs_do_read_folio, nfs_read_add_folio,
nfs_return_empty_folio
The problem is that nfs_read_add_folio() is not supposed to unlock the
folio if fscache is enabled, and a nfs_netfs_folio_unlock() check is
missing in nfs_return_empty_folio().
Rarely this leads to a warning in netfs_read_collection():
————[ cut here ]————
R=0000031c: folio 10 is not locked
WARNING: CPU: 0 PID: 29 at fs/netfs/read_collect.c:133 netfs_read_collection+0x7c0/0xf00
[…]
Workqueue: events_unbound netfs_read_collection_worker
RIP: 0010:netfs_read_collection+0x7c0/0xf00
[…]
Call Trace:
netfs_read_collection_worker+0x67/0x80
process_one_work+0x12e/0x2c0
worker_thread+0x295/0x3a0
Most of the time, however, processes just get stuck forever in
folio_wait_bit_common(), waiting for `PG_locked` to disappear, which
never happens because nobody is really holding the folio lock.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-38339
Published : July 10, 2025, 9:15 a.m. | 4 hours, 51 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
powerpc/bpf: fix JIT code size calculation of bpf trampoline
arch_bpf_trampoline_size() provides JIT size of the BPF trampoline
before the buffer for JIT’ing it is allocated. The total number of
instructions emitted for BPF trampoline JIT code depends on where
the final image is located. So, the size arrived at with the dummy
pass in arch_bpf_trampoline_size() can vary from the actual size
needed in arch_prepare_bpf_trampoline(). When the instructions
accounted in arch_bpf_trampoline_size() is less than the number of
instructions emitted during the actual JIT compile of the trampoline,
the below warning is produced:
WARNING: CPU: 8 PID: 204190 at arch/powerpc/net/bpf_jit_comp.c:981 __arch_prepare_bpf_trampoline.isra.0+0xd2c/0xdcc
which is:
/* Make sure the trampoline generation logic doesn’t overflow */
if (image && WARN_ON_ONCE(&image[ctx->idx] >
(u32 *)rw_image_end – BPF_INSN_SAFETY)) {
So, during the dummy pass, instead of providing some arbitrary image
location, account for maximum possible instructions if and when there
is a dependency with image location for JIT’ing.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-38340
Published : July 10, 2025, 9:15 a.m. | 4 hours, 51 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
firmware: cs_dsp: Fix OOB memory read access in KUnit test
KASAN reported out of bounds access – cs_dsp_mock_bin_add_name_or_info(),
because the source string length was rounded up to the allocation size.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…